7.2 High
AI Score
Confidence
High
Description WordPress does not properly escape the “file” attribute in the “Template Part block” allowing high-privileged users to perform Path Traversal on Windows servers, leading to arbitrary File Reads.
wordpress.org/news/2024/06/wordpress-6-5-5/